Container, method, and system for enabling offline access control and for enabling offline sensor data transmission

ABSTRACT

In a method and system for opening a container having a lock device, a mobile terminal exchanges data with the lock device using near-field data transmission and exchanges data with a server using far-filed data transmission. The mobile terminal stores container reconfiguration data and container operating data, which include at least time data and access data. The server generates new container reconfiguration data in response to receiving the container operating data from the mobile terminal and transmits the new container reconfiguration data to the mobile terminal using the far-field data transmission. The new container reconfiguration data are then transmitted from the mobile terminal to the lock device using the near-filed transmission.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is the U.S. National Stage of International ApplicationNo. PCT/EP2020/050723 filed on Jan. 13, 2020, which claims priority toGerman patent application no. 10 2019 000 559.7 filed on Jan. 25, 2019.

TECHNICAL FIELD

The present invention generally relates to a container for accommodatingobjects, to a method in which such a container is used, and to a system.

BACKGROUND OF THE INVENTION

Developments in the area of access control systems, in particular in thearea of home automation, which link the opening of a lock to thepresence of a smartphone, can be identified. A distinction can be maderoughly between two versions. On the one hand, there are cases in whichdata from the smartphone is sent to a server via an app and from thisserver to the lock. On the other hand, there are solutions in which keyinformation is already stored in the smartphone, so that directcommunication takes place between the smartphone and the lock(optionally, the lock has no connection to the Internet). In bothversions, the lock is opened when the transmitted data matches thestored data.

However, in order to safely change the data stored in the lock (add ordelete keys, or configure time restrictions, etc.), the lock absolutelyrequires a connection to the Internet so that the secure transmissioncan take place from a central point.

If there is no connection of the lock to the Internet, then the onlyoption left is that the lock is configured locally, as is common e.g.,with RFID locks having “programming cards”. However, since this isimpractical in the case of a very high number and widely distributed oreven mobile locks, since on the one hand all locks have to be manuallyupdated individually—by a person who has the appropriate programmingtools and configuration data and who also has the opportunity to gainaccess to the lock. On the other hand, the method is simply not secure,as it cannot be centrally monitored whether the reconfiguration wascarried out at all for all locks or whether this was successful.

In areas where there is no internet connection or in the case of objectsthat cannot be equipped with a permanent data connection, secure andcentral management of the distributed locks is not possible today.

SUMMARY OF THE INVENTION

It is therefore an object of the present teachings to disclosetechniques for improving a lockable container, a method of operating thelockable container and a system that includes the lockable container.Additionally or alternatively, improve techniques for offline accesscontrol and/or offline sensor data transmission are disclosed. In thiscontext, “offline” means that the object itself cannot temporarily, ore.g., permanently, establish a direct connection to the Internet; e.g.,it has no means for establishing such a connection.

In one aspect of the present teachings, a container for accommodatingobjects, such as samples having (containing) biological material, isdisclosed. The container preferably has at least one main body thatencloses an accommodating volume on multiple sides. Furthermore, thecontainer preferably has an opening device, e.g., a door or flap, whichis arranged or disposed so as to be movable, e.g., closable, withrespect to the main body. Furthermore, a lock device is provided forpreventing a defined relative movement of the opening device withrespect to the main body, wherein the lock device includes anelectrically operated actuator. Furthermore, a near-field datatransmission device is provided for receiving data from at least onemobile terminal while the at least one mobile terminal is temporarilylocated in a defined distance range from the container and for sendingdata to the at least one mobile terminal that is temporarily located inthe defined distance range from the container. Furthermore, a memoryunit is provided for temporarily storing time data and access data,wherein the time data include at least data with respect to the lastopening time and/or at least data with respect to the last closing time.Furthermore, the access data include at least authorization data andidentification data; the authorization data define, depending on whichidentification data, the actuator converts the lock device from a closedconfiguration to an open configuration; the identification data specifyan assignment to the mobile terminal, e.g., to a defined application orprogram, e.g., in a cloud-based manner, that is executed or executableon the mobile terminal. Furthermore, a processor device is provided forcomparing the authorization data and the identification data, whereinthe actuator is controllable by the processor device for opening thelock device in the event of a positive comparison that represents adefined match of the compared data. Furthermore, an energy sourcedifferent from a fixed power connection is provided for operating atleast the actuator, the near-field data transmission device, the memoryunit and the processor device. Preferably only those connections thatdraw electricity by means of a cable connection from a supplyinfrastructure and thus from a power plant, such as a coal-fired powerplant, wind power plant, hydroelectric power plant or solar power plant,particularly preferably from at least 100 m or 1000 m or 2 km or 3 km or5 km or 10 km away, serve as a fixed power connection in the presentcontext. Particularly preferably, the object for data transmission onlyhas the near-field data transmission device and thus particularlypreferably no far-field data transmission device, e.g., no device forgenerating a cellular data connection, such as e.g., a GSM, UMTS or LTEconnection.

This solution or configuration is advantageous because the object can beused or operated independently of a stationary infrastructure.Furthermore, a wide variety of data relating to the use of the containercan be recorded and made available. Because the container preferablydoes not have a far field data transmission device, the costs for thecontainer can be very low. In addition, the total energy requirement ofthe electrical components of the container is very low as a result. Thecontainer can additionally or alternatively be equipped with IoTtransmission technologies, such as, narrowband IoT and/or LORA WAN.

Further preferred embodiments of the present teachings are the subjectmatter of the dependent claims and/or the following parts of thedescription.

According to one preferred embodiment of the present teachings, theprocessor device, the memory unit and the near-field data transmissiondevice and preferably also the energy source are designed as part of thelock device, wherein the processor device, the memory unit and thenear-field data transmission device are arranged inside the container inthe closed configuration of the container. This embodiment isadvantageous because there are very short data transmission paths andvery short energy transmission paths. Furthermore, the base body of thecontainer and the lock device can be manufactured separately from oneanother. Furthermore, it is possible that the present teachings relatealternatively to such a lock device. This can be advantageous becausethe lock device can thus be used in different containers.

According to a further preferred embodiment of the present teachings,one or at least one temperature sensor is arranged inside the containeror on a wall of the container. The temperature sensor(s) output(s)temperature values that are storable by the processor device in thememory unit in the form of data or temperature data that are storable bythe processor device in the memory unit together with time data and/oraccess data. This embodiment is advantageous because it can bedetermined, e.g. as a function of the time, to what temperatures theobjects disposed in the container were exposed. Thus, for example, inthe case of samples of biological material, predictions can be made asto whether these samples can still be analyzed or whether they must beregarded as rejects (spoiled). This has the advantage that samplesdeemed to be rejects are not analyzed unnecessarily, which improvescapacities and reduces costs.

According to a further preferred embodiment of the present teachings,one or at least one humidity sensor is arranged inside the container oron a wall of the container. The humidity sensor(s) output(s) humidityvalues that are storable by the processor device in the memory in theform of data or humidity data that are storable by the processor devicein the memory together with time data and/or access data and/ortemperature data. This embodiment is advantageous since effects on theobjects held in the container can thereby be determined. The humiditysensor(s) can, e.g., also serve to detect whether liquid is emergingfrom the object, e.g., leaking or evaporating. Thus, for example,changes in the concentration of the liquid held in the object can bedetermined. Additionally or alternatively, defects of the object andthus leakages can be detected.

According to a further preferred embodiment of the present teachings,one or at least one weight sensor is arranged in a wall forming thebottom of the container or on the wall forming the bottom, wherein theweight sensor outputs weight values or weight data. The processor devicepreferably stores the weight values in the memory unit in the form ofdata and/or stores the weight data in the memory unit together with timedata and/or access data and/or temperature data and/or humidity data.This embodiment is advantageous because whether an object is disposed inthe container can be detected by using the weight data. Additionally oralternatively, it can be determined in this way whether the object isthe correct object, in other words, whether the correct object oranother object has been placed in the container. Data with respect tothe object are preferably recorded by means of a registration device,which is preferably not part of the container, before the positioning ofthe object in the container is detected. In this case, the registrationdevice can temporarily or permanently establish a connection to theInternet and preferably transmits object-specific data and/orcontainer-specific data to the server device. The server devicepreferably transmits the object-specific data and/or thecontainer-specific data to the mobile terminal. The container thentransmits the sensor data to the mobile terminal and the mobile terminalpreferably performs a comparison of the registered data with the actualdata of the container. Depending on the object, this comparison can beused to overwrite or replace opening data for opening the container,wherein the container remains closed if the comparison should result indeviations that are above a defined threshold value. This can beimportant, e.g., for objects that contain hazardous substances such aspoison, viruses, bacteria, spores, etc.

According to a further preferred embodiment, energy source data isgeneratable by the processor device, wherein the energy source datainclude data with respect to the charge level and/or the degree ofdischarge over a defined period and/or with respect to the change involtage over a defined period. This embodiment is advantageous because,e.g., a replacement of the energy source can be made in accordance withthis data.

According to yet another preferred embodiment of the present teachings,the container in the closed configuration delimits a volume of less than10 m³, e.g., less than 5 m³ or less than 2 m³ or less than 1 m³ or lessthan 0.5 m³ or less than 0.1 m³, and/or it houses or encloses this.Additionally or alternatively, the mean wall thickness of the walls ofthe container is preferably less than 30 mm thick, e.g., less than 20 mmor less than 10 mm thick or is between 20 mm and 8 mm thick or less than5 mm thick or less than 3 mm thick. Additionally or alternatively, inthe closed configuration the opening device overlays a wall extendingparallel to the opening device by at least 50% (of the wall surface),e.g., at least 60% (of the wall surface) or at least 80% (of the wallsurface) or at least 90% (of the wall surface). Additionally oralternatively, the walls include one or at least one metal or one or atleast one polymer material or one or at least one composite material orare composed of at least 50% (in terms of weight), e.g., at least 60%(in terms of weight) or at least 70% (in terms of weight) or at least80% (by mass) or at least 90% (by mass) from one of these materials.Additionally or alternatively, the energy source may be a battery havinga minimum capacity or electrical charge of at least or exactly or up to500 mAh or at least or exactly or up to 1400 mAh or at least or exactlyor up to 2000 mAh or at least or exactly or up to 3000 mAh or at leastor exactly or up to 10000 mAh or at least or exactly or up to 15000 mAhor at least or exactly or up to 25000 mAh or at least or exactly or upto 50,000 mAh or at least or exactly or up to 100,000 mAh. Additionallyor alternatively, the near-field data transmission device can be anRFID, Bluetooth®, WLAN, ZigBee® and/or Z-Wave® data transmission device.

In another aspect of the present teachings, a method may preferablyinclude: providing a container, e.g., a container described herein, andproviding a mobile terminal that includes: a near-field datatransmission means for data exchange with the near-field datatransmission device of the container; a far-field data transmissionmeans, e.g., LTE, for data exchange with a server; a processor devicefor executing a control application; and a memory device for storingcontainer reconfiguration data and container operating data. Thecontainer operating data are transmitted by the near-field datatransmission device to the near-field data transmission means of themobile terminal to be forwarded to the server device and the mobileterminal receives the container reconfiguration data from the server viathe far-field data transmission means. The container reconfigurationdata are generated in response to the container operating datatransmitted to the server by means of the near-field data transmissionmeans, wherein the container operating data include at least time dataand access data.

Such a method is advantageous because it makes possible a secureassignment of unique access rights (e.g., key for an electronic lock)without the use of specialized hardware (e.g., RFID token or mechanicalkey), as well as without an existing internet connection (at the time ofopening/no “realtime” query from a server).

It is particularly advantageous here that different (changing) personsand/or mobile terminals can have access to a specially protected area.The access is preferably managed electronically and the granting ispreferably configured granularly; i.e. an access authorization can begranted and/or revoked, e.g., in a point-in-time-dependent or timerange-dependent manner and/or in a user-dependent manner and/or in alocation-dependent and/or priority-dependent manner. Thus, e.g., theopening of a specific container can be made possible only on a specificday in a precisely defined time window. In this context,“priority-dependent” preferably means that a user and/or a terminalhaving higher authorization can open the container even if another userand/or another terminal has already registered the container.

If the terminal of a user does not have an existing Internet connection,then he/she cannot use a “key server” at the time at which he/she wouldlike to open the lock or the lock device, e.g., by entering the lock ID,to ask whether he/she has the authorization to open the lock or requestthe necessary key. Applications here, among others, are access rights toelectronic locks in areas not supplied with mobile internet (radio gaps,nature reserves, under ground, under water, etc.).

According to a preferred embodiment of the present teachings, the timedata include at least data with respect to the last opening time and/orat least data with respect to the last closing time. Here, the accessdata preferably include authorization data and identification data,wherein the authorization data defines, in dependency of whichidentification data, the actuator converts the lock device from a closedconfiguration to an open configuration, and wherein the identificationdata specify an assignment to the mobile terminal.

This solution is also advantageous because the “key carrier” or the userhas a mobile device that is basically equipped with a permanent Internetconnection. An application is preferably installed on the mobile devicethat synchronizes itself regularly and/or at defined times and/or as afunction of defined events, e.g., position data, with a key server onwhich the access rights for the “key holder” are managed, or activelytransfers changes to the rights to the application.

The transmission preferably takes place in an encrypted manner so thatthe actual key does not appear in plain text. In addition, the systemtimes are preferably synchronized so that deviations in the local timeof the key carrier can be compensated (if access is only to be grantedin a time window). If the “key carrier” now reaches the container thatis to be opened, the unique lock ID must be transmitted to theapplication (e.g. typing in, via barcode, transmission via Bluetooth® oranother wireless technology). The application of the mobile device nowchecks locally whether there are access rights. If the check ispositive, the “key carrier” receives access, in which the code isdisplayed to him/her or the signal to open the lock is transmitted fromthe application via radio waves (e. g., Bluetooth®).

With such a method, using defined devices and technologies (mobilephone, mobile internet access, mobile application, key server,encryption, secure transmission technologies) and preferably without theuse of specialized hardware, different accesses for multiple users canbe managed online, even if it cannot be guaranteed that there is anonline connection at the time of access to the protected area.

According to a further preferred embodiment of the present teachings,the container has at least one sensor that provides data and/or signalsto the processor device of the container and the near-field datatransmission device of the container transmits signals and/or data,which represent the sensor data or sensor signals, as part of thecontainer operating data to the near-field data transmission means ofthe mobile terminal. Identification data provided by the server or theserver device are preferably provided in the memory unit of the mobileterminal, wherein the identification data is transmitted to the mobileterminal together with the container reconfiguration data or as aseparate data record. The identification data are preferably transmittedtogether with specific device data of the mobile terminal as a result ofan access authorization request via the near-field data transmissionmeans to the near-field data transmission device. Particularlypreferably, at least the identification data are stored in the memoryunit and are compared with authorization data present (stored) in thememory unit. Depending on a comparison result resulting from thecomparison, the lock device remains in the locked state or is convertedto an open state (the above-described open configuration). A specificset of container operating data is preferably provided or written orstored by the processor device of the container in a modified form inthe memory unit, at least after this set of container operating data hasbeen transmitted to the mobile terminal. Here, the containerreconfiguration data of the processor device of the container preferablyspecify which data, e.g., which specific set of container data, isdeleted from the memory unit, wherein the processor device of thecontainer deletes the data from the memory unit in accordance with thecontainer reconfiguration data. The container reconfiguration datapreferably include authorization data and an instruction to theprocessor device of the container to replace and/or augment theauthorization data held in the storage unit with the authorization dataof the container reconfiguration data.

A computer program product for executing such a method is also disclosedherein.

Furthermore, a system that may include, e.g., the above-describedcontainer and/or the above-described mobile terminal is also disclosedherein.

For example, such a system preferably includes at least multiplecontainers, e.g., containers described herein, and multiple mobileterminals. Each mobile terminal includes: a near-field data transmissionmeans for data exchange with the near-field data transmission devices ofthe containers; a far-field data transmission means, e.g., LTE, for dataexchange with a server; a processor device for executing a controlapplication; and a memory device for storing container reconfigurationdata and container operating data. The container operating data arepreferably transmitted by the near-field data transmission device to thenear-field data transmission means of the respective mobile terminal forforwarding to the server device. The container operating data include atleast time data and access data, wherein the time data preferablyincludes at least data with respect to the last opening time and/or atleast data with respect to the last closing time. Furthermore, thesystem preferably includes one or at least one server device, e.g., acloud server device. The server device preferably receives the containeroperating data from the respective mobile terminal and after receivingthe container operating data the server device generates containerreconfiguration data. These container reconfiguration data are sent fromthe server device to the mobile terminal or to several mobile terminalsor to defined (pre-determined) mobile terminals. The server devicepreferably sends the container reconfiguration data to the mobileterminal from which it received the container operating data or it sendsthe container reconfiguration data to another mobile terminal that isassigned to the container, or it sends the container reconfigurationdata to a group of mobile terminals, wherein preferably a single one of,multiple, the majority of or all of the mobile terminals assigned to thegroup are assigned to the container.

Further advantages, objectives and properties of the present teachingsare explained with reference to the following description of theattached drawings, in which a representative method according to thepresent teachings is shown by way of example. Components or elementsthat are preferably used in the representative method and/or which atleast essentially correspond in terms of their function in the figurescan be identified with the same reference symbols, although thesecomponents or elements need not be numbered or explained in all figures.

BRIEF DESCRIPTION OF THE DRAWINGS

FIGS. 1a-1d show, purely schematically, a top view, a bottom view andtwo side views, respectively, of an example of lock device for acontainer according to the present teachings, FIGS. 2 and 3 showadditional views of the lock device arranged on a wall of a container,and FIGS. 4-6 show respective containers including the lock device;

FIGS. 7 to 10 show, purely schematically, an example of datatransmission in accordance with a method or system according to thepresent teachings; and

FIG. 11 shows, purely by way of example, a preferred method sequenceaccording to the present teachings, wherein a single one of or multipleof the steps shown need not be carried out or can also be carried out ina different sequence or also several times.

DETAILED DESCRIPTION OF THE INVENTION

FIGS. 1a-1d , 2 and 3 schematically show a lock device 10 for preventinga defined relative movement of an opening device 8 with respect to themain body 4.

The lock device 10 preferably includes an electrically operated(electrically driven) actuator 12.

Furthermore, at least or precisely one sensor device or a sensor isarranged in the lock device 10.

The sensor(s) is/are preferably directly installed in the lock unit orlock device 10. Additionally or alternatively, the possibility can existto connect one or multiple sensors (e.g., further sensor(s)) directly tothe lock device 10 via connection cables or a suitable near-field radiotechnology (then the sensor(s) need its/their own power supply), e.g. tocollect sensor data at a more suitable place (e.g., temperaturemeasurements at different places in the box). With some sensors,detection of a property directly in the lock unit is also not possible(e.g., weight sensor is provided separately from the lock device 10 inorder to detect the weight of an object placed in the container 1, aswill be further described below).

The container 1 has an interior space and at least one wall thatdelimits the interior space from the surroundings. The lock device 10 isarranged (disposed) on a wall of the container 1 or on an opening device8 that is movable relative to the wall, e.g., on a displaceable orpivotable flap, window or door. The side of the lock device 10 that isarranged on the wall is preferably considered to be the outer side ofthe lock device 10; the side of the lock device 10 that is essentiallyparallel or opposite thereto is considered to be the inner side. One,multiple or all of the sensors in the lock device 10 are arranged closerto the inner side of the lock device 10 than to the outer side. Thus,between the sensor and/or the sensor device or the sensors and the wall,e.g., the contact point of the lock device with the wall, there ispreferably a distance between 3 mm and 50 mm, e.g., between 5 mm and 20mm or between 8 mm and 18 mm or at least 5 mm or at least 10 mm to theouter wall of the container. This is advantageous because a thermaldecoupling (applies e.g., to a temperature sensor 24 and/or a humiditysensor or an air humidity sensor 29) is created.

There is a possibility that one or more of the sensors is/are providedand/or installed as an analog sensor. An A/D conversion can thenpreferably be implemented using a corresponding function or device,e.g., the processor device or an A/D converter unit, in the lock unit orin the lock device 10. Additionally or alternatively, a digital sensoror several digital sensors can be provided and/or connected and/orinstalled. Because one or more such digital sensors already deliver(s)digital measurement parameters, the digital signals from the lock unitcan be processed without further conversion.

One or at least one or more fingerprint sensors can also be connected tothe lock device 10, so that people who want to open the container orreceptacle 1 can identify themselves with their fingerprint (e.g. forthe highest security requirements). In this case, the fingerprint sensorcan also or alternatively be located in the mobile terminal 16 and therecorded data can be transmitted to the near-field data transmissiondevice 14 of the lock device 10 via the near-field data transmissionmeans 34 of the mobile terminal 16 for comparison by the processordevice 20 of the lock device 10.

Furthermore, light-emitting diodes (not shown) can be connected to thelock device 10. Additionally or alternatively, e.g., on the outer sideof the container 1, different information can be communicated and/ordistributed to the outside by using different colors and/or “blinkcodes”. Additionally or alternatively, there is the possibility ofconnecting graphic displays to the lock unit. Due to the low powerconsumption, ePaper or electronic paper are preferably used here. Forexample, in the event that information is only displayed for a shorttime, all other conventional display technologies can also be used (esp.LED segment displays, LCD displays and/or graphic LCD or TFT or OLEDdisplays).

FIG. 2 shows the lock device 10 arranged on an outer wall 26 of thecontainer 1. The lock device 10 preferably has an energy source 22,e.g., a battery, an electronic unit 19, an actuator unit 12 and a bolt17 that is movable by means of the actuator unit 12, e.g., an electricmotor. The electronic unit 19 preferably includes a processor device 20,a memory unit 18, a near-field data transmission means 14, an antennaunit 15 and a sensor device 23. The aforementioned devices of theelectronic unit 19 are preferably connected at least indirectly to theprocessor device 20. The sensor device 23 can include one or moresensors, e.g., a humidity sensor 29 and/or a temperature sensor 24. Thesensor device 23 is arranged in the housing of the lock device 10,wherein the lock device 10 preferably has a recess or an opening 11 inthe direction of the interior of the container or facing away from thenext container wall, which can preferably be open or covered with amembrane. The sensor device 23 is preferably spaced at a distance, whichis represented by reference number 25, of at least 2 mm, e.g., at least4 mm or at least or exactly or up to 5 mm or at least or exactly or upto 8 mm or at least or exactly or up to 10 mm or at least or exactly upto 15 mm, with respect to the outer wall 26 on which the lock device 10is arranged or formed.

FIGS. 4 and 5 schematically show different designs of the container 1.According to FIG. 4 (and FIG. 3), the lock device 10 is arranged on thedoor; the container 1 or the container wall includes a receiving part 5for receiving the bolt 17 in the closed (locked) configuration or formsit. According to FIG. 5, the door or the opening device 8 forms thereceiving part 5 and the lock device 10 is arranged on or in thecontainer wall.

FIG. 6 shows purely schematically that the container 10 can also beequipped with one sensor or with several sensors, as will be furtherdescribed below.

Depending on the size and nature of the container 1, one or more weightsensors 30, 31 may be installed on the bottom of the container 1, e.g.,using a “double bottom” so that the weight of a deposited object can bereliably detected, particularly preferably regardless of the shape orsize of the object and/or independently of the location in the container1 at which the object or the object 2 is deposited (placed). Theconnection of the weight sensor(s) to the lock device, e.g., the signaland/or data-technical coupling with the processor device 20 of the lockdevice 10, can take place in a wire-connected or circuit board-connectedmanner or by a suitable near-field radio technology.

A vibration sensor or multiple vibration sensors, e.g., accelerationsensor(s) 46, can be installed in the container 1, e.g., in the area ofthe wall, e.g., on the floor, or in the lock device 10. The accelerationsensor(s) 46 record(s) the acceleration values to which the container 1is exposed (subjected). Furthermore, the container 1 can include afurther temperature sensor 240, e.g., in the upper area, i.e. above thecenter of the container 1, or in the lower area, i.e. below the centerof the container 1, or in the area of the center of the container 1. Inthis context, “in the area of the center” is to be understood in termsof height as +/−10% or +/−20% or +/−30% or +/−40% above and/or below the(vertical) center and/or the vertical middle. The height percentagesrelate to the maximum height of the accommodation space.

An air pressure sensor (not shown) or multiple air pressure sensors canbe installed in the container 1, e.g., in the area of the wall, e.g., onthe floor, or in the lock device 10, which record(s) the air pressurechanges to which the container 1 is exposed (subjected). Additionally oralternatively, one or more gas sensors can be provided in the container1, e.g., in the area of a wall, e.g., on the floor or on the cover ofthe container 1. These embodiments are advantageous because theenvironmental conditions in the area of the container 1 can be recordedvery precisely thereby, e.g. in transport containers that aretransported by aircraft.

In addition, a motion sensor or different motion sensors can beconnected to the lock device 10 in order to e.g.—should the container 1be designed as a mailbox or like a mailbox—to recognize that aninsertion or a placement has taken place. Here, depending on theapplication, one or more light sensor(s), infrared-, ultrasonic- and/ormagnetic field sensors come into consideration here.

Another type of sensor that comes into consideration would be a humiditysensor or a liquid sensor that is e.g. analogous to the weight sensor(s)for logical reasons to be installed on the bottom of the container 1 inorder to determine whether liquids in the container 1 have leaked.

To determine whether e.g. a mobile transport box has overturned or aprescribed maximum inclination has been exceeded, a gyroscope sensor(gyro instrument) can be coupled to the lock device, e.g., connected, orbuilt into it.

Furthermore, there is additionally or alternatively the possibility ofconnecting a GPS receiver to the lock device 10 or of integrating it.

FIGS. 7 to 10 show, purely schematically, an example of a sequence of arepresentative method for opening a container 1.

It can be seen that a container 1, e.g., a protected container without apermanent Internet connection, is provided, wherein the container 1includes a near-field data communication device (14—see e.g., FIG. 2)and thereby defines a near field communication area 50, as shown in FIG.7.

Furthermore, at least one mobile terminal 16 is provided, e.g., aplurality of mobile terminals, e.g., more than 5 per 100 km² or morethan or up to 10 per 100 km² or more than or up to 15 per 100 km² ormore than or up to 25 per 100 km² or more than or up to 50 per 100 km²or more than or up to 100 per 100 km² or more than or up to 200 per 100km² or more than or up to 500 per 100 km².

The mobile terminal 16 includes a near-field data transmission means 34for data exchange with the near-field data transmission device 14 of thecontainer 1 and furthermore it preferably includes a particularlypreferable wireless far-field data transmission means 36, e.g., GSM,UMTS, LTE, etc., for data exchange with a server 38 within the coveragearea 52 of a far-field communication infrastructure.

Furthermore, according to the representative method, a far-fieldtransmission infrastructure 37, e.g., one or more transmission stations,e.g., transmission towers, is used. The far-field data transmissionmeans 36 sends and preferably receives data at the same time or atdifferent times or sometimes at the same time. The far-field datatransmission means 36 receives the received data via the far-fieldtransmission infrastructure 37 that receives data from a server or aserver device 38, e.g., a cloud server. The transmitted data aretransmitted from the far-field data transmission device 36 to thetransmission infrastructure 37 for forwarding to the server 38 or theserver device.

The mobile terminal 16 includes a processor device 40 for executing acontrol application, and the mobile terminal 16 also has a memory device42 for storing container reconfiguration data and container operatingdata. Preferably, all data that is transmitted from the central serverunit 38 or the lock unit 10 to the mobile application (16) and(temporarily) stored there is protected from external access byencryption, e.g., by local encryption. This means that neither the userof the application himself/herself nor a third party can directly accessthe data stored in the mobile application, e.g., not by reading out thephysical memory of the mobile device. The encryption method and/or theexact parameters of the encryption are preferably configured centrallyby the administrator of the server unit and transmitted from there tothe mobile application.

In FIG. 8 it is schematically depicted that the mobile terminal 16receives access data from a server 38 or a server device, wherein theaccess data is transmitted (see communication paths 54, 56) via thetransmission infrastructure 37.

The user rights and/or the lock configurations, and preferably thetransmissions of all relevant sensor data or other data from the lockunits, is/are managed by one or more operators/administrators.

In FIG. 9 it is shown schematically that the mobile terminal 16transmits the access data to the container via the near-field datatransmission device (see communication path 58). The container operatingdata are then transmitted by the near-field data transmission device 14to the near-field data transmission means 34 of the mobile terminal 16for forwarding to the server device. It can be seen in a purelyschematic manner that the mobile terminal 16 is outside the range of thetransmission infrastructure or cannot establish a mobile data connectionto the Internet.

FIG. 10 shows schematically that the mobile terminal 16, as soon as itis back in the coverage area (52) of the transmission infrastructure(37) or as a result of a defined triggering event (only with an existingdata connection to the Internet), e.g., a key actuation and/or alocation data comparison and/or a time comparison, transmits containeroperating data to the server or the server device.

The mobile terminal 16 receives the container reconfiguration data fromthe server 38 via the far field data transmission means 36, wherein thecontainer reconfiguration data are generated in response to thecontainer operating data transmitted to the server 38 by the near fielddata transmission means 34. The container operating data include atleast time data and access data.

FIGS. 7 to 10 thus show a method for opening a container 1. Here, themethod includes at least the following steps: providing a container 1,providing at least one mobile terminal 16, wherein the mobile terminal16 includes: a near-field data transmission means 34 for data exchangewith the near-field data transmission device 14 of the container 1; afar-field data transmission means 36, e.g., LTE, for data exchange witha server 38; a processor device 40 for executing a control application;and a storage device 42 for storing container reconfiguration data andcontainer operating data. The container operating data are transmittedby the near-field data transmission device 14 to the near-field datatransmission means 34 of the mobile terminal 16 to be forwarded to theserver device 38 and the mobile terminal 16 receives the containerreconfiguration data from the server 38 via the far field datatransmission means 36, wherein the container reconfiguration data aregenerated in response to the container operating data transmitted to theserver 38 by means of the near field data transmission means 34 andwherein the container operating data include at least time data andaccess data.

FIG. 11 shows a schematic sequence of the representative methodaccording to the present teachings, wherein this sequence includes alarge number of additional or alternative steps. Here, the steps S1-S25shown in FIG. 11 comprise:

S1. The operator/administrator creates a lock unit having a uniqueidentifier on the central server unit and, if necessary, links it to alock group.

S2. The operator/administrator creates a user on the central server unitor provides a defined user group with the option of registeringthemselves on the central server unit (self service).

S3. The user loads the necessary software from an app store or anotherstorage location, which is accessible online, onto his/her mobile device(e. g., a smartphone). In principle, this can be done from anywhere inthe world.

S4. The user logs on to the central server unit via his/her app. To dothis, he/she uses known access data (as created by theoperator/administrator in step 1) or, in the case of the self-service,he/she registers and chooses his/her access data accordingly.

S5. The central server unit checks whether access rights are availablefor the user or the group(s) in which the user is assigned to one ormore locks or lock groups. If access rights are available, these aretransmitted in encrypted form to the mobile unit (as appropriate withany additional information available). The access rights can also besubject to time restrictions. For example, an access right canautomatically expire after 24 hours, as long as no furthersynchronization takes place between the mobile unit and the centralserver unit during this period.

With every synchronization between the mobile unit and the centralserver unit, in addition to the access rights and further information,the system clocks e.g., are compared so that deviations in the clockscan be taken into account.

S6. The access data and additional information received by the mobileunit are buffered locally in encrypted form in a “virtual key ring”.Here, the mobile unit regularly checks whether an access right stillexists and, if necessary, deletes all access rights that have alreadyexpired.

S7. If the user now wants to open a lock unit and his/her mobile unit iswithin range, then the mobile unit will either establish a connection tothe lock unit automatically (in the background) or after manual entry inthe mobile unit (“connect button”). The connection between the mobileunit and the lock unit can be further encrypted beyond the encryptionincluded in the transmission standard.

S8. When the connection to the mobile unit is established, the lock unittransmits a unique identifier to the mobile unit. If necessary,additional information can also be transmitted (e.g. belonging to aspecific lock group).

S9. The mobile unit checks whether access rights exist in the localmemory for this lock or the lock group. In this context, a connection tothe central server unit is not established.

S10. If access rights exist, it may be necessary (depending on theconfiguration by the operator/administrator) that additional keys arerequired to operate the lock unit (e.g., PIN input, scanning a barcode,etc.) that must be entered in the mobile unit and transmitted to thelock unit. In addition, it may be necessary to establish a connection tothe central server unit, as the configuration specifies that the lock isto be opened only when there is a connection between the mobile unit andthe central server unit in order to further increase security, since theaccess rights also are always synchronized between the mobile andcentral unit via an active connection.

S11. The mobile unit sends the lock unit (after a positive check) asignal to open and transmits the corresponding key.

S12. The lock unit checks the key and will store both the connectionattempt and the result of the check, as well as all informationtransmitted about the user or the mobile unit in the internal temporarymemory.

S13. After a positive check, the lock unit releases the lockingmechanism and will also store this event in the temporary memory.

S14. The mobile unit now transmits data to the lock unit that has beenlinked to the access right in the central server unit. For example, theinformation that data provided by the lock unit can be received thereand can now be deleted locally. However, changes to the localconfiguration of the lock unit software can also be transferred.

S15. The lock unit will delete from the local memory the data receivedfrom the central unit and will carry out all other necessary operations.

S16. The deletion and/or the execution of the operations isacknowledged.

S17. The lock unit now transfers all data from the temporary memory (logdata on accesses, access attempts, as well as all stored sensor data tothe mobile unit). All data that are already marked for deletion, but thereceipt has not yet been confirmed by the central server unit, are alsotransmitted.

S18. The mobile unit receives the data from the lock unit and stores itin a protected area. The receipt is acknowledged.

S19. The lock unit will now mark all transmitted data with additionalinformation (mark it for deletion), but not yet delete it, as it is notyet certain that this data has also been received on the server unit. Ifnecessary, data that has been transmitted multiple times is enrichedwith additional information.

S20. The connection between the lock unit and the mobile unit isterminated again.

S21. The mobile unit will now try to contact the central server unit atthe next possible time or at a configured time and to transfer the datatransmitted by the lock unit to it.

S22. As soon as there is a connection between the mobile unit and thecentral server unit, the data is transmitted and acknowledged by thecentral server unit.

S23. The acknowledged data will now be deleted from the temporary memoryof the mobile unit.

S24. The central server unit now updates the access right to thespecific lock with the information that the defined data has beenreceived and can be deleted locally (taking into account the informationwhich data has already been deleted by the unit).

S25. The access right is now synchronized with all mobile units thathave access to the specific lock or the associated lock group.

Thus, a method for asymmetrical or indirect transmission of data betweena transmitter and a receiver is disclosed herein.

For example, sensor data which are collected in places where there istemporarily or permanently no internet connection or no connection to analternatively suitable transmission network can be transmitted to acentral server. Such “offline situations” exist in dead spots, underground, under water, etc.

In terms of content, techniques according to the present teachings arepreferably based on the method likewise described above for the secureassignment of unique access rights without the use of specializedhardware and without an existing Internet connection. A component hereis a mobile application that runs on a device, e.g., a server and/ormultiple mobile terminals, which is connected via a mobile dataconnection to a server device, e.g., a central server, and from which itcan receive keys (analogous to the method described above) and canprovide them locally.

If sensor data of an (offline) container is now to be transmitted to theserver device 38, e.g., the central server, the mobile device or themobile terminal 16 must be brought into the vicinity of the container 1so that the near field transmission means 34 of the mobile terminal 16can receive raw or processed or partially processed sensor data from oneor more sensors arranged on or in the container 1. The sensor data aretransmitted via the near-field data transmission device of thecontainer, e.g., of the lock device 10, to the near-field datatransmission means 34 of the mobile terminal 16. The sensor is providedor coupled or connected to an electronic device, e.g., the processordevice 20, which stores the data made available by the sensor, e.g., ina configurable manner, locally, e.g., in a memory unit 18.

If the mobile device 16 comes within range of the near-field datatransmission device 14, it preferably authenticates itself using theaccess key for the container 1, e.g., for the processor device 20, andrequests the content or defined data of the data held or temporarilystored in the local memory, e.g., time and/or sensor data.

If the processor device 20 accepts the access and the request, therequested data is transmitted to the mobile device 16 (e.g., viaBluetooth® or NFC). After checking the completeness and correctness ofthe transmitted data, the mobile terminal 16 preferably sends a deletesignal or delete data, which trigger the deletion of at least part ofthe locally stored or temporarily stored data, e.g., the sensor dataand/or time data (temporary memory erased). Otherwise, the transfer ispreferably requested again. The same mechanism can also be used totransfer configuration changes to the container and to synchronize thelocal times (container and mobile device). After the connection has beendisconnected, the container 1 and the sensor or sensors arranged orprovided therein preferably operate completely independently and collectdata until the next access by the mobile application.

The container data, e.g., the data generated by the sensor(s), can thusbe completely transmitted to a central unit, e.g., to the server device38, even without a permanent Internet connection, by the upstreamtransmission to a mobile terminal 16. Thus, a method for asymmetricaland/or indirect transmission of data between a transmitter (mobileterminal) and a receiver (container) is provided, wherein after the datahas been set up, the mobile terminal also receives data from thecontainer and/or the container sends data to the mobile terminal.

LIST OF REFERENCE SYMBOLS

-   1 Container-   2 Object-   4 Main body-   5 Receiving part-   6 Accommodation volume-   8 Opening device-   10 Lock device-   11 Opening/membrane-   12 Actuator-   14 Near field data transmission device-   15 Antenna unit-   16 Mobile terminal-   17 Bolt-   18 Memory unit-   19 Electronic unit-   20 Processor device-   22 Energy source-   23 Sensor device-   24 Temperature sensor-   25 Distance-   26 Wall of the container-   28 Humidity sensor-   29 Air humidity sensor-   30 Weight sensor-   31 Further weight sensor-   32 Base-   34 Near field data transmission means-   36 Far field communication means-   37 Far-field communication infrastructure-   38 Server or server device-   40 Processor device of the mobile terminal-   42 Storage device-   44 Hole for fastening screw-   46 Accelerometer-   50 Coverage area of the near field communication means of the    container-   52 Coverage area of a far-field communication infrastructure-   54 Communication between server and transmission infrastructure-   56 Communication between the transmission infrastructure and the    mobile device-   58 Near field communication between near field communication means    and near field communication device-   240 Further temperature sensor

1.-15. (canceled)
 16. A container comprising: a main body that enclosesan accommodating volume in a multi-sided manner, an opening device thatis moveable relative to the main body, and a lock device configured toselectively prevent a defined movement of the opening device relative tothe main body, the lock device including: a near-field data transmissiondevice configured to receive data from and send data to at least onemobile terminal while the at least one mobile terminal is temporarilylocated within a defined distance range from the container, a memoryunit configured to temporarily store time data and access data, whereinthe time data includes a last opening time point and/or a last closingtime point, wherein the access data includes at least authorization dataand identification data, wherein the authorization data define, independence on the identification data, a condition under which the lockdevice is converted from a closed configuration to an open configurationby the actuator, and wherein the identification data specify anassignment to the at least one mobile terminal, a processor deviceconfigured to compare the authorization data and the identificationdata, an electrically operated actuator that is controllable, inresponse to a defined match of the compared authorization data and theauthorization data, to convert the lock device to the openconfiguration, and an energy source that supplies operating current toat least the actuator, the near-field data transmission device, thememory unit and the processor device and that is not a commercial ACsupply.
 17. The container according to claim 16, wherein: the processordevice, the memory unit and the near-field data transmission device aredesigned as components of the lock device and are disposed, in theclosed configuration of the container, in an interior of the container.18. The container according to claim 17, further comprising: at leastone temperature sensor disposed in the interior of the container or on awall of the container, wherein: the temperature sensor is configured tooutput temperature values or temperature data, and the processor deviceis configured to store the temperature values in the memory unit in theform of data or to store the temperature data in the memory unittogether with the time data and/or the access data.
 19. The containeraccording to claim 17, further comprising: at least one humidity sensordisposed inside the container or on a wall of the container, wherein:the humidity sensor is configured to output humidity values or humiditydata, and the processor device is configured to store the humidityvalues in the memory unit in the form of data or to store the humiditydata in the memory unit together with the time data and/or the accessdata.
 20. The container according to claim 17, further comprising: atleast one weight sensor disposed in or on a wall forming a base of thecontainer, wherein: the weight sensor is configured to output weightvalues or weight data, and the processor device is configured to storethe weight values in the memory unit in the form of data or to store theweight data in the memory unit together with the time data and/or theaccess data.
 21. The container according to claim 17, wherein theprocessor device energy source is configured to generate energy sourcedata that include one or more of: a remaining charge level of the energysource, an amount of discharge of the energy source over a definedperiod of time, and/or a change in voltage of the energy source over adefined period of time.
 22. The container according to claim 16,wherein: in the closed configuration, the container delimits a volume ofless than 10 m³, walls of the container have a mean wall thickness ofless than 30 mm, the opening device has a surface area that is at least50% of a surface area of one of the walls that extends parallel to theopening device, the walls are composed of a metal, a polymer material ora composite material, the energy source is a battery having a minimumcapacity of 1000 mAh, and the near-field data transmission devicecomprises an RFID, Bluetooth, WLAN, ZigBee and/or Z-Wave datatransmission device.
 23. A method for opening the container according toclaim 16 using the at least one mobile terminal, wherein the at leastone mobile terminal includes: a near-field data transmission meansconfigured to exchange data with the near-field data transmission deviceof the container, a far-field data transmission means configured toexchange data with a server, a processor device configured to execute acontrol application, and a memory device that stores containerreconfiguration data and container operating data, wherein the containeroperating data include at least time data and access data, the methodcomprising: transmitting the container operating data from thenear-field data transmission means of the lock device to the near-fielddata transmission means of the at least one mobile terminal,transmitting the container operating data from the far-field datatransmission means of the mobile terminal to the server, generating newcontainer reconfiguration data in the server in response to thecontainer operating data received from the at least one mobile terminal,and transmitting the new container reconfiguration data from the serverand receiving, in the at least one mobile terminal, the new containerreconfiguration data from the server via the near field datatransmission means of the at least one mobile terminal.
 24. The methodaccording to claim 23, further comprising: sending data and/or sensorsignals from at least one sensor in the container to the processordevice of the container, and transmitting, from the near-field datatransmission device of the lock device, signals and/or data whichrepresent or delineate the sensor data or sensor signals as part of thecontainer operating data to the near-field data transmission means ofthe at least one mobile terminal.
 25. The method according to claim 23,further comprising: sending identification data from the server to theat least one mobile terminal together with the container reconfigurationdata or as a separate data record, storing the identification data fromthe server in the memory device of the at least one mobile terminal,transmitting the identification data from the mobile terminal togetherwith specific device data of the at least one mobile terminal to thenear-field data transmission device of the lock device in response to anaccess authorization request, comparing at least the identification dataand the authorization data stored in the memory unit of the lock device,maintaining the lock device in a locked state or converting the lockdevice to an open state as a function of a comparison result resultingfrom the comparison.
 26. The method according to claim 23, furthercomprising: causing the processor device of the lock device to store aspecific set of container operating data in modified form in the memoryunit of the lock device at least after this set of container operatingdata has been sent to the at least one mobile terminal.
 27. The methodaccording to claim 26, wherein: the new container configuration dataspecify which specific set of container data to be deleted from thememory unit of the lock device and the processor device of the lockdevice deletes the data from the memory unit of the lock device as afunction of the new container reconfiguration data.
 28. The methodaccording to claim 27, wherein the container reconfiguration datainclude authorization data and an instruction to the processor device ofthe lock device to replace and/or augment the authorization data held inthe memory unit of the lock device with authorization data of thecontainer reconfiguration data.
 29. A non-transitory computer storagemedium comprising computer-readable instructions that, when executed,carry out the method according to claim
 23. 30. A system, comprising: aplurality of containers, each of the containers being configuredaccording to the container of claim 16, and a plurality of mobileterminals, each including: a near-field data transmission meansconfigured to exchange data with the near-field data transmissiondevices of the containers, a far-field data transmission meansconfigured to exchange data with a server, a processor device configuredto execute a control application, and a memory device that storescontainer reconfiguration data and container operating data, and aserver, wherein: the container operating data include at least time dataand access data, the time data include at least a last opening timepoint and/or at least a last closing time point, the system isconfigured such that: the container operating data is transmitted by thenear-field data transmission device of the locking device to one of themobile terminals and is forwarded to the server device; the serverdevice receives the container operating data from the one of the mobileterminals and, after receiving the container operating data, generatesnew container reconfiguration data and the new container reconfigurationdata is sent to: (i) the one of the mobile terminals, (ii) another oneof mobile terminals assigned to the container, or (iii) a group ofmobile terminals, wherein all of the mobile terminals assigned to thegroup are assigned to the container.
 31. The system according to claim30, wherein: the container is located outside of a coverage area of atransmission infrastructure, and each of the mobile terminals isconfigured to transmit the container operating data from the mobileterminal to the server only when the mobile terminal is in the coveragearea of the transmission infrastructure.
 32. The system according toclaim 30, wherein each of the mobile terminals is configured to transmitthe container operating data from the mobile terminal to the server inresponse to a defined triggering event.
 33. The method according toclaim 23, wherein: the container is located outside of a coverage areaof a transmission infrastructure, and the method further comprisestransmitting the container operating data from the mobile terminal tothe server only when the mobile terminal is again in the coverage areaof the transmission infrastructure.
 34. The method according to claim23, wherein: the method further comprises transmitting the containeroperating data from the mobile terminal to the server in response to adefined triggering event.
 35. The method according to claim 25, wherein:the method further comprises actuating the actuator to convert the lockdevice to the open configuration in response to a defined match of theauthorization data and the identification data as determined by theprocessor device.